A report released by Palo Alto’s Unit 42 researchers outlines a new Trojan they have observed targeting Microsoft Windows systems with data exfiltration techniques. The Trojan has been named PyMicropsia because of its links to the Micropsia malware and because it is written in Python. The malware is authored by AridViper, an active, previously identified threat group that is responsible for developing other malware. The information-stealing capabilities of PyMicropsia include uploading, payload downloading and execution, browser-credential stealing (and the ability to clear browsing history and profiles), taking screenshots, and keylogging. In addition, the malware can collect file listing information, delete files, reboot machines, collect information from USB drives, and record audio. Based on the analysis of the malware, many parts of it have not been used yet, which leads the researchers to believe that the malware is still in the development phase.